summaryrefslogtreecommitdiff
path: root/libre/libquicktime/libquicktime-1.2.4-CVE-2016-2399.patch
diff options
context:
space:
mode:
Diffstat (limited to 'libre/libquicktime/libquicktime-1.2.4-CVE-2016-2399.patch')
-rw-r--r--libre/libquicktime/libquicktime-1.2.4-CVE-2016-2399.patch25
1 files changed, 0 insertions, 25 deletions
diff --git a/libre/libquicktime/libquicktime-1.2.4-CVE-2016-2399.patch b/libre/libquicktime/libquicktime-1.2.4-CVE-2016-2399.patch
deleted file mode 100644
index a1737c0dc..000000000
--- a/libre/libquicktime/libquicktime-1.2.4-CVE-2016-2399.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=855099
-https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2399
-
-diff --git a/src/util.c b/src/util.c
-index d8dc3c3..9422fc5 100644
---- a/src/util.c
-+++ b/src/util.c
-@@ -340,9 +340,14 @@ int64_t quicktime_byte_position(quicktime_t *file)
-
- void quicktime_read_pascal(quicktime_t *file, char *data)
- {
-- char len = quicktime_read_char(file);
-- quicktime_read_data(file, (uint8_t*)data, len);
-- data[(int)len] = 0;
-+ int len = quicktime_read_char(file);
-+ if ((len > 0) && (len < 256)) {
-+ /* data[] is expected to be 256 bytes long */
-+ quicktime_read_data(file, (uint8_t*)data, len);
-+ data[len] = 0;
-+ } else {
-+ data[0] = 0;
-+ }
- }
-
- void quicktime_write_pascal(quicktime_t *file, char *data)
generated by cgit v1.2.2 (git 2.25.0) at 2024-05-01 14:12:50 +0000